
Weekly Breach Report – Aug. 23rd 2021

Aug 23, 2021, by Shaina Raskin

A snapshot of last week’s reported cybersecurity breaches and vulnerabilities

 

Node.js

Node.js released a security fix for several high-severity issues that pose a risk to anyone making HTTPS requests. HTTP Toolkit: https://httptoolkit.tech/blog/node-https-vulnerability/

 

T-Mobile

T-Mobile is investigating a breach that exposed the personal data of up to 100m customers, including social security numbers, addresses and more. KrebsOnSecurity: https://krebsonsecurity.com/2021/08/t-mobile-investigating-claims-of-massive-data-breach/

 

Linux

In June, maintainers fixed a minor problem in glibc, but the fix introduced a worse vulnerability, CVE-2021-38604, which could trigger a denial-of-service issue. ZDNet: https://www.zdnet.com/article/linux-glibc-security-fix-created-a-nastier-linux-bug/

 

Chinese hackers

A researcher discovered that a Chinese government hacking group had developed a web attack framework that exploited vulnerabilities in 58 popular websites. The Record: https://therecord.media/chinese-espionage-tool-exploits-vulnerabilities-is-58-widely-used-websites/

 

BlackBerry

BlackBerry disclosed that a BadAlloc vulnerability impacted its QNX Real Time Operating System, one of the world’s most prevalent RTOSs. Australian Cyber Security Centre: https://www.cyber.gov.au/acsc/view-all-content/advisories/vulnerability-affecting-blackberry-qnx-rtos

 

Mozi IoT botnet

A peer-to-peer botnet that targets IoT devices now impacts network gateways manufactured by Netgear, Huawei and ZTE. The Hacker News: https://thehackernews.com/2021/08/mozi-iot-botnet-now-also-targets.html

 

Liquid

Hackers stole almost $100m in cryptocurrency from Liquid, a leading Japanese cryptocurrency exchange. BBC: https://www.bbc.com/news/business-58277359

 

U.S. Census Bureau

Hackers targeted U.S. Census Bureau servers with a cyberattack in 2020. They created fake user accounts but apparently did not compromise the 2020 census. The Hill: https://thehill.com/policy/cybersecurity/568490-census-bureau-computer-servers-target-of-january-2020-cyber-attack

 

Tokio Marine Insurance Singapore

This subsidiary of Tokio Marine Group announced that it experienced a ransomware attack and had isolated its network to prevent further damage. Insurance Journal: https://www.insurancejournal.com/news/international/2021/08/19/627806.htm

 

Memorial Health System

Hospitals in West Virginia and Ohio diverted patients to other care providers due to a ransomware attack that disrupted the IT systems of all clinics and three hospitals. Infosecurity Magazine: https://www.infosecurity-magazine.com/news/us-hospitals-divert-care-after/

 

Pearson

This large British publishing company is paying $1 million to settle charges that it misled investors about a 2018 data breach. TechCrunch: https://techcrunch.com/2021/08/16/pearson-to-pay-1m-fine-for-misleading-investors-about-2018-data-breach/

 

Ryan Specialty Group

A Chicago-based specialty intermediary company announced that it experienced a cyberattack in April, and the hackers may have accessed personal information. Business Insurance: https://www.businessinsurance.com/article/20210816/NEWS06/912343880/Ryan-Specialty-reveals-April-data-breach

 

Bar Ilan University

Israel’s Bar Ilan University reported a cyberattack and urged staff to shut down their computers. Authorities believe the attack had a criminal motive rather than an espionage one. Haaretz: https://www.haaretz.com/israel-news/tech-news/.premium-cyberattack-on-israeli-university-data-being-erased-right-now-1.10119912

 

Elasticsearch cluster

Researchers found a U.S. government terrorism watchlist open on the internet in an exposed Elasticsearch cluster. TechTarget: https://searchsecurity.techtarget.com/news/252505403/FBI-watchlist-exposed-by-misconfigured-Elasticsearch-cluster

 

St. Joseph’s/Candler

The largest healthcare network in Savannah, Georgia, admitted that a ransomware attack it discovered two months ago had exposed the medical and financial data of 1.4m people. The Daily Swig: https://portswigger.net/daily-swig/us-healthcare-org-sends-data-breach-warning-to-1-4m-patients-following-ransomware-attack
